Welcome to the inaugural issue of the ReThink Security Newsletter
You have been included in this newsletter because we have met at some point throughout our professional travels and you have indicated an interest in Application Security. If you don't want to see any more of this, please click the unsubscribe link at the bottom of this email.
Jason Taylor and I will strive to bring you our unique thoughts and analysis in the cyber security space. We have a combined four decades of experience thinking about security, solving problems for our customers, and innovating with new products and technologies. In addition to that, we have access to a team of over a hundred dedicated engineers focused on assessing and reducing application security risk for our customers - ranging from large Fortune 100 companies to the smallest enterprise. We hope that the problems we identify, the trends we see, the solutions we've found, and the interesting stories we share will make your job easier, while entertaining you along the way.
In this issue, we have five articles to share with you:
- Welcome! (Jason Taylor) - Joe and I created this website and newsletter to help you do your job better, and in so doing, make the world a better place for all of us to live in. We want to share with you what we see in the security industry, and in the world at large, through the lens of two security professionals who have been at this for a very long time. We have been thinking about security, finding and exploiting vulnerabilities, writing interesting code, managing teams of engineers, and helping our customers (large and small) up their game for over twenty years each...
- Where to Begin (Joe Basirico) - “Where to begin” is a common question we hear in security. Our clients will come to us and ask what they should do next in terms of security. What’s their next step? What will make the biggest impact, or what’s the best value for their investment...
- Privacy as a Differentiator (Joe Basirico) - I really appreciate the efforts that Apple has made to protect the privacy of their users. In my mind this does two things. First, it offers a model of competition where other companies can see Apple’s success in protecting data while providing competing features. Second, it gives customers an option to “un-subsidize” the common advertising and data-as-currency model for cheap devices...
- Google's Global Adaptive Authentication (Joe Basirico) - Passwords are the scourge of application security. Password reuse is rampant, data breaches compromising poorly stored passwords are common, passwords are difficult to remember and easy to crack, password guidance is inconsistent...
- Can Security Training Change Lives? (Jason Taylor) - I had the opportunity to spend a few days at a security conference last month, in which I talked with hundreds of people in the information security community about their fears, concerns, hopes, and plans. One thing that stood out to me was the sheer optimism and joy that most of the conference attendees brought with them. They were not there (only) for the swag or the cocktail hour or the chance to be away from their day jobs for a few days. The vast majority were there because they loved their jobs, believed in what they were doing, and wanted to learn more so they could bring that knowledge back to do their jobs even more effectively...
We want this to be valuable to you and we’re working hard to deliver something that we think will help you understand the security landscape better. If there’s something we can do to improve, please let us know. If there's a topic you'd like us to cover, please send us your suggestions. If you’d rather not receive these emails at all, don’t worry, you’ll fall off of our list if you don’t explicitly opt in to receive more.
If you have any questions or comments, please don't hesitate to email me at joe@rethinksecurity.io.
- Jason Taylor and Joe Basirico (J&J)